Last active
March 25, 2019 17:23
-
-
Save marcobraghim/5aaf7e25ceb2ff64988627c00de6fb39 to your computer and use it in GitHub Desktop.
This script must to be installed with cron to check by time if must to block a predefined list of domains
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Thizer Apps ® | |
# | |
# /*** CONFIGURATION ***/ | |
# // Create a folder to save logs | |
# sudo mkdir -p /var/log/blockdomains | |
# sudo chmod 777 /var/log/blockdomains -R | |
# | |
# // Add commands to enable/disable block | |
# vi ~/.bashrc | |
# alias blockdomains='echo true > /var/log/blockdomains/.isblock && sudo bash /path/to/script/blockdomains.sh' | |
# alias unblockdomains='echo false > /var/log/blockdomains/.isblock && sudo bash /path/to/script/blockdomains.sh' | |
# source ~/.bashrc | |
# | |
# Add a ROOT cron entry with: | |
# */5 * * * * /bin/bash /path/to/script/blockdomains.sh >> /var/log/blockdomains/log-`date "+\%d"`-`date "+\%m"`.log 2>&1 | |
# Define the list of sites to be blocked | |
# domains=("facebook.com" "instagram" "whatsapp.com") | |
domains=("facebook.com" "instagram") | |
# Colors | |
y='\e[33m' # Yellow | |
d='\e[39m' # Default color | |
bold='\e[1m' # bold | |
dbold='\e[21m' # Default bold | |
# Require root user | |
user=$(whoami); | |
if [ "$user" != "root" ]; then | |
echo -e "This script requires ${y}sudo${d}" | |
exit 1 | |
fi | |
# Remove all iptables rules | |
for domain in "${domains[@]}" | |
do | |
# Maybe it's just a name like "instagram" instead of "instagram.com" | |
# so we won't have an IP | |
ip=$(ping -c 1 $domain 2>&1 | gawk -F'[()]' '/PING/{print $2}') | |
if [ -n "$ip" ]; then | |
sudo iptables -D OUTPUT -d $domain -j REJECT | |
fi | |
# Try to unblock by word string | |
sudo iptables -D OUTPUT -m string --algo bm --string "$domain" -j REJECT | |
done | |
isblock="/var/log/blockdomains/.isblock" | |
# Check if user have disabled the block | |
if [ -e "/var/log/blockdomains/.isblock" ] && [ ! -z "$(cat $isblock)" ] && [ "$(cat $isblock)" == "false" ] ; then | |
echo -e "Block canceled, try to run '${y}blockdomains${d}' on terminal to enable" | |
exit 0; | |
fi | |
# With a 'clear' param the script will | |
# only clear firewall rules | |
if [ "$1" = "clear" ]; then | |
exit 0 | |
fi; | |
# Depends of dateutils | |
if [ -z $(command -v dateutils.dtest) ]; then | |
echo "Cannot proceed. Please install 'dateutils' to continue" | |
exit 1 | |
fi | |
# actual time | |
thetime=$(date +%H:%M:%S) | |
echo -e "---------------------------------------------------" | |
echo -e "Let's check it out to block/unblock some domains...\n$thetime\n" | |
# If it's on block time | |
if | |
(dateutils.dtest $thetime --gt '09:00:00' && dateutils.dtest $thetime --lt '12:00:00') || | |
(dateutils.dtest $thetime --gt '14:00:00' && dateutils.dtest $thetime --lt '16:00:00') || | |
(dateutils.dtest $thetime --gt '16:15:00' && dateutils.dtest $thetime --lt '18:00:00') | |
then | |
for domain in "${domains[@]}" | |
do | |
# Maybe it's just a name like "instagram" instead of "instagram.com" | |
# so we won't have an IP | |
ip=$(ping -c 1 $domain 2>&1 | gawk -F'[()]' '/PING/{print $2}') | |
if [ -n "$ip" ]; then | |
sudo iptables -A OUTPUT -d $domain -j REJECT | |
fi | |
# Try to block by word string | |
sudo iptables -A OUTPUT -m string --algo bm --string "$domain" -j REJECT | |
echo -e $domain" must be rejected from now" | |
done | |
fi | |
# Malfeito feito. | |
echo -e "\n${y}Mischief managed!${d}\n" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Instalação
Veja no topo do arquivo as instruções para instalar o script no seu sistema Linux.
Opções
Os domínios a serem removidos e os horários para isso devem ser configurados
manualmente, ou seja, editando diretamente o arquivo.
Firewall
Este script irá utilizar o IPTABLES para alterar as configurações do firewall e bloquear
acessos. Verifique se isso não é um problema para você. Em todo caso o uso deste
script é por sua conta e risco.